Plus: The FBI dismantles the largest-ever China-backed botnet, the DOJ charges two men with a $243 million crypto theft, Apple’s MacOS Sequoia breaks cybersecurity tools, and more.
Security Latest – Read More
Researchers have released technical details about CVE-2024-45488, a critical authentication bypass vulnerability affecting One Identity’s Safeguard for Privileged Passwords (SPP), which could allow attackers to gain full administrative access.
Cyware News – Latest Cyber News – Read More
These exchanges allowed users to trade cryptocurrencies anonymously, creating a safe environment for cybercriminals to launder their proceeds without fear of prosecution.
Cyware News – Latest Cyber News – Read More
These vulnerabilities can lead to remote code execution and privilege escalation, posing a significant risk to affected systems. For example, the Oracle JDeveloper vulnerability can allow attackers to compromise the software and take over the system.
Cyware News – Latest Cyber News – Read More
A sophisticated campaign is using GitHub repositories to spread the Lumma Stealer malware, targeting users interested in open-source projects or receiving email notifications from them.
Cyware News – Latest Cyber News – Read More
Datadog Security Labs recently revealed a security risk within Microsoft Entra ID, showing how its administrative units (AUs) can be weaponized by attackers to create persistent backdoor access.
Cyware News – Latest Cyber News – Read More
The critical bug, CVE-2024-8963, can be used in conjunction with the prior known flaw to achieve remote code execution (RCE).
darkreading – Read More
A North Korean advanced persistent threat (APT) actor (aka Gleaming Pisces) tried to sneak simple backdoors into public software packages.
darkreading – Read More
Singaporean crypto platform BingX said Friday that more than $44 million was stolen from their platform in a cyberattack.
The Record from Recorded Future News – Read More